Activeboard: AWS Security Lake

[ 1 Purpose ] [ 2 Prerequisites ] [ 3 Open Activeboard ] [ 4 Use Activeboard ]

Purpose

This Activeboard helps you monitor the activity of Amazon Security Lake.

Amazon Security Lake automatically centralizes security data from AWS environments, SaaS providers, on premises, and cloud sources into a purpose-built data lake stored in your account. With Security Lake, you can get a more complete understanding of your security data across your entire organization.

You can also improve the protection of your workloads, applications, and data. Security Lake has adopted the Open Cybersecurity Schema Framework (OCSF), an open standard. With OCSF support, the service normalizes and combines security data from AWS and a broad range of enterprise security data sources.

Security Lake Events: Simple value widget	AWS Account: Text input	AWS Region: Select input
API Operations - src Endpoint Domain: Dependency wheel widget	Product and Features: Voronoi widget	API Operations: Table widget
Activity Overview: Table widget

Prerequisites

To use this Activeboard, you must have the following data sources available in your domain:

cloud.aws.security_lake.event ^{learn more}

Open Activeboard

Once you have installed the Activeboard, you can use the Open button at the top right of the card in Exchange to access it and see the different widgets populated with the relevant data. You can also access the Activeboard area via the Navigation pane.

Data loading takes too long?

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.

Use Activeboard

After installing and opening the Activeboard, you can use its widgets to visualize and monitor data. To do this, each widget offers a variety of customization and visualization options. Refer to Using widgets and Using inputs to know them all.